Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

extended mail logging issues

Discussion in 'E-mail Discussion' started by n8whnp, Jul 29, 2008.

  1. n8whnp

    n8whnp Member
    Staff Member

    Joined:
    Sep 2, 2007
    Messages:
    13
    Likes Received:
    0
    Trophy Points:
    51
    Hello,

    The extended logging for email sending forms includes the full server path to accessing the sending script. This knowledge is something that makes it easier for hackers to track down the mailing programs/modules in sites and then exploit them.

    Please consider using a hash function, so that only the server administrator could reverse what the calling script was.

    Nate C
     
  2. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,460
    Likes Received:
    21
    Trophy Points:
    463
    Location:
    Go on, have a guess
    How do you foresee user accounts being able to read exim_mainlog with its configured default permissions? Since they can't, the issue is moot.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice